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A SECURE DATA TRANSFER SYSTF.M 



This invention relates to secure data transfer systems. The invention is 
particularly applicable to secure data transfer involving a trusted third party 
5 (TTP). 



Encryption of messages for reasons of security and authenticity has been 
practised in many forms. In the context of digital communications, encryption 
based on mathematical algorithms is under continual development. A 
discussion of encryption techniques can be found in many text books, for 
example Applied Cryptography by B. Schneier. John Wiley & Sons Inc., 1996. 



Symmetric cryptography involves the use of a single key which is known to 
both the message sender and recipient. The key is used to encrypt the message 
and the same key is used at the message destination for decryption. It is vital to 
the integrity of such a system that the key remains the secret of the sender and 
the recipient. Any doubt as to the security in which the key is held by either 
party undermines the integrity of the system as any other party having 
knowledge of the key can use it to decrypt the message. An example of a 
symmetric key cryptography system is the well-known Data Encryption 
Standard (DES). 



To address the security problem associated with symmetric key systems, public 
key (asymmetric) cryptography was developed. In this arrangement the key 
sharing problem of symmetric cryptography is avoided by using an algorithm 
which has two keys. One key is used to encrypt the message and the other key 
is used to decrypt it. Thus, there is no need to transmit and share one key 
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between correspondents. Any party is able to encrypt a message using the 
intended recipient's public key, but only the holder of the other (private) key as 
well is able to decrypt it. For multi-user systems, asymmetric key encryption 
techniques are commonly employed. Such public/private key systems have 
5 been developed by ? for example, RSA Laboratories of Redwood City, 
California, USA. 

In practice asymmetric key algorithms are too slow to use for the encryption 
and decryption of large quantities of data. To address this problem a unique 
10 symmetric key is generated for each data transfer and this symmetric key is 
transferred from one party to the other using an asymmetric (public) key 
method. This provides the speed advantage of symmetric keys while retaining 
the advantages of an asymmetric (public) key. 

15 In an extension of the asymmetric key system, it is possible to develop a digital 
signature by which to verify that the sender of the message was the party 
purporting to have done so. To do this the sender encrypts a digest of the 
message (called a "hash*) using the private key. The digest is now decipherable 
by anyone using the public key. but the sender is verified because only the 

20 sender knew the private key with which it was encrypted. This provides 
authentication of the sender to the user. The fact that the private key of the 
asymmetric key system is kept only by the sender provides a useful form of 
authentication known as 'non-repudiation* as there is only one custodian of the 
private key for decry ption purposes. The sender cannot deny being the source 

25 of the message. 
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Assurances as to the identity of the deciypter, Le. the recipient, are just as 
necessary as those associated with the enciypter. To address this it is known to 
employ the services of a trusted third party (TTP) or certificate authority. The 
role of the TTP is to certify to either or both parties that fee other is who they 
purport to be. Certification links a particular key with the identity of a party. 
Clearly, the security of die TTP is vital to its standing as an issuer of 
certificates* 

Hie certificate typically includes identification data as well as identification of 
the certification authority and the duration for which the certificate is valid A 
so-called distinguished name provides authentication of an identity linked to a 
specific capacity, e.g. rank in an organisational hierarchy. This can be used in 
addition to the certificate associated with the transacting site. 

Encryption software enables users to communicate securely by encrypting files 
and attaching them to electronic mail (e-mail) messages. The files cannot be 
read by anybody other than the intended recipient of proven identity. There are 
many implementations of such software, for example that described in the 
article by J Linn title "Privacy Enhancement for Internet Electronic Mail: Part 
1: Message Encryption and Authentication Procedures" RFC 1421, [Online] 
February 1993 (1993-02), pages 6-30, XP002132590 Messaging". In all cases, 
however, the recipient has free access to the message, provided that the 
recipient's private key is available. 

In some protocols there is provision for parties other than the sender or 
specified recipient to gain access to the contents of a message by encrypting a 
key and decrypting it in special circumstances* Two cases can be distinguished: 



AMENDED SHEET 



GB 009903140 



4~ 

(I) an escrow capability by a known person or organisation; and (2) release of 
the key(s) of the message to persons not defined when the message is encrypted 
US 5,557,765 describes an example of (1) where a message key is divided into 
parts which are separately encrypted to escrow agents so that Law Enforcement 
Agencies or authorised bodies can recover them later. In general this is done 
secretly and the sender is not able to detect that the message has been accessed. 
EP-A-0,798,892 discloses an example of (2), where the encryption process is 
not specific to any defined recipient The intention is that any recipient can 
access the plaintext (or part of it) by means of a payment In return for the 
payment the message key is released- It is not necessarily the case that the 
sender can find out the identities of those recipients. 

There is a need for an electronic equivalent of the recorded and registered postal 
systems* In many instances, it is necessary for the sender of mail at least to 
have verification that it has been received by the authorised recipient (proof of 
delivery). A recorded postal letter is signed for by the recipient when it is 
handed over by the deliverer. A registered postal letter is tracked through the 
postal system and logged as having passed various points up to delivery. 

In an e-mail system the verification of delivery is not necessarily assured 
because either the acknowledgement software of the recipient may be disabled 
or the recipient is posing as the intended recipient fraudulently. E-mail is not 
inherently secure. Thus, security of an e-mail message depends entirely upon 
encryption of the message and the encryption system remaining 
uncompromised. 

It has been proposed that recorded e-mail delivery can be effected by using an 



AMENDED SHEET 



-'24-08.-2000 



GB 009903140 



4a 

encryption system by which an encrypted message is transferred to, and held 
by, a central point associated with a TTP for onward delivery to an 
authenticated user. The message is stored at the TTP until it is requested by the 
intended recipient in response to notification that the message is waiting. 
5 However, it has been found that there is a practical limit on the amount of 
information the TTP can store. Thus, the system is dependent upon the storage 
capacity of the TTP. Furthermore, not only the encryption system but the 
message itself has to conform to the TTP's reception/transmission system both 
Jg in terms of format and transmission medium* 

10 

According to the present invention there is provided a data transfer system as 
3 specified in claim 1. Some preferred features are defined in the dependent 

s claims, 

^ 15 The data transfer transmission in which the invention is embodied comprises a 
C sender facility; a receiver facility and a key facility; the sender facility having 

means for encrypting data for the intended recipient, means for splitting the data 
into encrypted parts such that no part is decrypted on its own, means for 
encrypting at least one of the parts for a third party to produce a further 
£ 20 encrypted part, means for combining the further encrypted part and the 
remaining encrypted part to produce a data block and means for sending the 
data block, the receiver facility having means for receiving the data block, 
means for requesting decryption of the further encrypted part by the key facility 
which has means for decrypting the further encrypted part and means for 
25 sending it to the receiver facility and the receiver facility also having means for 
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decrypting the encrypted part and the decrypted further encrypted part provided 
by the key facility. 

In one form the invention provides a data transfer system using an asymmetric 
5 ("public") key system, with or without an underlying symmetric data 
encryption, that encrypts and digitally signs data (the "plaintext") to an intended 
recipient. A sufficient portion of the encrypted data can be removed, such that 
the original text cannot be recovered from the portion remaining. The removed 
portion is signed and re-encrypted to a third party. This re-encryption should 
10 include or produce a unique identifier for the message that will be available to 
all parties; the sender, the receiver and the TTP. Both portions; the encryption 
with the portion removed and the re-encrypted removed portion are then 
combined and digitally signed. This data is then sent to the recipient by any 
suitable means of electronic or physical delivery. 

15 

The recipient is assured of the integrity of the entire data by the signature. The 
recipient then extracts the re-encrypted portion, digitally signs it and sends it to 
the third party. 

20 The third party can validate the identity of the recipient from the recipient's 
signature and can then decrypt the removed portion of the original message. 
This includes the sender's signature and thus validates the sender's identity. As 
the recipient should have checked the overall signature from the sender this 
establishes that the entire message was delivered to the recipient. At some point 

25 in this process the unique identifier of the message, the identity of the recipient 
and any other pertinent information can be stored by the third party. The 
removed portion is then digitally signed by the third party and sent to the 
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recipient. 

The recipient checks the third party's signature and combines the removed 
portion with the remainder, recreating the original encrypted text. The recipient 
then validates the signature and decrypts the data; the result is the original 
plaintext. 

At any later time the sender can apply to the third party for details of if and 
when the recipient requested decryption of the removed portion. This is taken 
to be proof of delivery of the entire message. Ail parties have sufficient proof 
of authenticity and integrity of all transactions. 

In the particular example discussed: 

1/ the encryption method is Privacy Enhanced Messaging (PEM), 
21 the portion removed is the PEM header. 

3/ the unique identifier is the Message Integrity Check (MIC) field from the 

header of the re-encryption of the portion removed. 
4 7 the message is transferred from sender to recipient by Simple Message 

Transfer Protocol (SMTP) 
5/ the requests to and replies from the third party are in a format specified 

by the third party using Transport Communication Protocol/Internet 

Protocol (TCP/IP). They are signed by privacy enhanced mail (PEM) or 

public-key cryptography system (PKCS#7). 

In this form the removed part may conveniently be a key. 



The invention can send the message directly to the intended recipient. This 
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allows the encrypted data to be sent to the recipient in any format that is agreed 
with the sender. In this form the key facility is only responsible for passing on 
the further encrypted part in response to the request message. The key facility 
is not required to hold the message until it is called for by the intended recipient 
5 after transmission by the sender. Thus, the secure message system is not reliant 
upon the capacity of the key facility for storing and forwarding messages from 
sender to recipient. This enables recorded delivery as the TTP is able to log the 
request for the decrypted further encrypted part to decrypt the data. 

10 Alternatively, the encrypted data can be sent to the key facility for onward 
delivery to the recipient. This enables registered mailing as the TTP is able to 
monitor the progress of the data. 

In one particular form of the invention the encrypted data has a header part. It 
15 is convenient to split the data so that the header forms the basis of the further 
encrypted part. 

The invention can be put into practice in various ways, some of which will now 
be described by way of example with reference to the accompanying drawings 
20 in which: 

Figure 1 is a schematic block diagram of the constituent parts of a data 
transfer system; 

Figure 2 is a functional diagram of the preparation and transfer of a 
message according to a first embodiment of the invention: 
25 Figure 3 is a functional diagram of the preparation and transfer of a 

message according to a second embodiment of the invention; 

Figures 4a) b) and c) are sequence charts of the message preparation 
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according to Figure 2; and 

Figure 5 is a sequence chart of the message preparation and transfer of a 
message according to Figure 3. 

5 A data transfer system is shown in Figure 1. The system comprises a sender 
site 10, a receiver site 12 and a TTP site 14 having data processing capability 
16. The sender and receiver sites 10 and 12 are each typically a personal 
computer connected to an intranet or internet for communicating with the 
receiver site 12 and the TTP site 14. The TTP site may include a key holding 

10 part and a message/data management part. Together the constituent parts of the 
TTP can be referred to as a key facility whether the different parts are grouped 
together or remote from one another. 

Referring to Figure 3. a first embodiment of the invention includes a Simple 
15 Mail Transfer Protocol (SMTP) connection between the sender and receiver 
sites 10/12 and a direct connection-orientated network layer protocol 
connection, such as a transmission control protocol/internet protocol (TCP/IP) 
connection between the sender site 10 and the TTP site 14. and the receiver site 
12 and the TTP site 14. Thus, this embodiment is based on an e-mail 
20 communication system. Other forms of data communication could use the 
invention to equal effect. 

In this embodiment the sender site computer is provided with an e-mail security 
application plug-in (API). The operation of this plug-in and corresponding 
25 equipment of the other parties can be implemented in various software formats. 
This embodiment makes use of a software toolkit produced by Entrust 
Technologies of Canada. It is used in the privacy enhanced mail (PEM) and 
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PKCS#7 mode. The Entrust security system has various architecture 
components. The security is based on a choice of symmetric key algorithm, 
including the Data Encryption Standard (DES), Triple DES and CAST; 
asymmetric or public key algorithms, such a RSA, DSA and DIFFEE 
HELLMAN; and hashing algorithms such as SHA-1, MD2 and MD5. These 
are only examples of key systems. Other key systems will be known to the 
skilled person which could be used to equal effect. The receiver and TIP sites 
are similarly provided with Entrust System components configured to receive 
and decrypt data sent by the sender as described below. 

Referring to Figure 4a, at the sender site 10 the plain text message P/T is both 
encrypted with the public key for the recipient K R or a group of recipients and 
signed by the PEM method using the sender's private key Ks< The 'header 5 part 
of the message is split of£ i.e, in the standard PEM format that part from 
" ....BEGIN PRIVACY-ENHANCED MESSAGE..../ 5 to the terminating empty 
line. This is referred to as the "inner header" 22. The remainder is the 
"encrypted text" 20. 

Referring to Figure 4b) s still at the sender site 10, the inner header 22 is further 
encrypted and signed by the PEM method using the public key Krrp of the third 
party only. This produces an "encrypted header" 24 and an "outer header" 26. 
The encrypted text 20, encrypted inner header 24 and outer header 26 are 
combined and digitally signed. The Message Integrity Check (MIC) field of the 
Outer Header 26 is a convenient unique identifier as it is a hash of the inner 
header 22 which, in turn, contains a hash of the plaintext; so the outer header 
MIC is dependent on the contents of the plaintext. Also, the inner header varies 
even when the same plaintext is used as the symmetric key is 
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chosen at random on each occasion. 

The encrypted text 20, encrypted inner header 24, the outer header 26 and 
signature are sent as a multi-purpose internet mail extension (MIME) within an 
5 e-mail message to form a message package. The unencrypted body of the 
message itself is an explanation of the sent data and instructions to the recipient 
on how to obtain software to decrypt the MIME inclusion. 

The sender (and recipient) software for preparing the encrypted data comprises 
10 Microsoft Exchange or Outlook management software as well as the new plug- 
in interface. The preparation of the message is Windows-based, providing a 
tool bar button to click on if the service is required for encrypting e-mail 
transmission, 

15 This embodiment of the invention is a form of e-mail recorded delivery. Thus, 
the prepared secure message is sent by the SMTP connection to the receiver site 
directly. At the same time an alerting message may be sent from the sender site 
to the TIP. Upon receipt of the e-mail message package the recipient is 
presented with the open e-mail message containing the instructions, the cipher 

20 text, the encrypted header, the outer header intended for the TTR The 
recipient's software extracts the inner and outer headers, signs them as one 
block using PEM or PKCS#7 and transmits them to the TIP using TCP/IP, 
Thus, the receiver site is instructed by the open e-mail message to send at least 
the encrypted header 24 and the outer header 26 to the TIP, as indicated in 

25 Figure 4c, as a request for decryption of the encrypted header. 

At the TIP the signature is checked. This process reveals the identity of the 



AMENDED SHEET 



WO 00/18060 



11 



PCT/GB99/03140 



recipient. The outer header is used to decrypt the encrypted inner header 24, 
generating the inner header 22 to reveal the identity of the sender. The 
identities, date, time, message identifier (outer header MIC field) and other 
pertinent information are stored by the TTP as evidence that the recipient 
5 received the whole message, i.e. proof of delivery. 

Satisfied as to the authenticity of the sender and the recipient by their respective 
signatures, the TTP signs the inner header 22 using PEM or PKCS#7 and 
transmits it to the recipient. In the event that the recipient does not receive the 
10 inner header they must take further action to do so. as requesting the decryption 
is taken as evidence of receipt of the entire message. 

The inner header also bears the digital signature at the sender, allowing the 
receiver site to re-verify the source of the message. Using standard PEM 
15 decryption the recipient can now recover the plaintext. 

This embodiment of the invention provides a form of recorded delivery for data 
transmission, such as e-mail. The sender sends messages directly to the 
intended recipient. However, in order to read the message the receiver site must 

20 initiate a request to the TTP to obtain the appropriate key to decipher the 
message. The request is logged by the TTP to provide proof-of-delivery that 
the recipient has received the message. The message sender is able to submit a 
query 7 to the TTP in order to establish whether the or each intended recipient has 
attempted to read the encrypted message. Because the bulk of the data 

25 transferred does not reach the TTP. data storage capacity within the TTP is of 
less concern than if the message were handled by the TTP. Furthermore, no 
data is held by the TTP until it is requested by the intended recipient. 
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Referring now to Figure 2, a registered post embodiment of the invention is 
based on a similar concept to the recorded delivery system described above. In 
this embodiment, the sender site is linked to the TTP directly by a SMPT 
communication as well as a TCP/IP connection. There is no establishment of 
5 direct communication between a sender and the receiver cite. The receiver site 
has SMTP and TCP/IP connection with the TTP. 

In this form of the invention, the e-mail message package comprising the 
MIME file of the cipher text, encrypted header and outer header is further 

10 signed digitally for receipt directly by the TTP, using an extra outer PO header 
28 ? and sent via the SMTP connection to the TTP as shown in Figure 5. The 
TTP returns a proof of submission (time and date stamp) of the e-mail message 
to the sender upon receipt. The header 28 contains a list of the intended 
recipients and any other options that the sender has selected. The TTP forwards 

15 the MIME content to each of the recipients with a message body describing the 
sent data and instructions to the recipient on how to obtain software to decrypt 
the MIME inclusion (as in the recorded delivery embodiment). Receipt of the 
e-mail package and forwarding to the receiver are events that are logged by the 
TTP for optional interrogation by the sender or they can be preprogrammed 

20 options taken up on preparation of the message package. 

The receiver is now in possession of essentially the same package as was 
received directly from the sender in the previous embodiment. In accordance 
with the same non-secure instructions in the e-mail received directly, the 
25 receiver sends the outer header and the encrypted header back to the TTP for 
decryption. Upon receipt, the TTP is able to confirm implicitly that the receiver 
received the e-mail and is attempting to open it. This event is also logged for 
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interrogation by the sender, or preprogrammed notification, as confirmation of 
receipt by the receiver. Once the TTP is satisfied as to the authenticity of the 
receiver, based on the digitally signed request and receiver's signature, the inner 
header is signed for transmission to the recipient as before. Thereafter, the 
5 decryption procedure takes the form previously described. 

From the perspective of the message sender and recipient, the only difference 
between this embodiment of the invention and the previous embodiment, is that 
the TTP can return a time-stamp (postmark) which provides proof-of- 
10 submission that the message was submitted and that the TTP forwarded it, 

Message delivery status information can be viewed by the sender by means of 
an additional on-screen tool bar on the sender* s personal computer. The sender 
can interrogate the TTP at any time or arrange to be notified as and when 
15 appropriate events have occurred. Additionally, the sender can arrange to be 
notified if a particular event is not logged by the TTP within a specified period. 
Similarly, the intended recipient is able to obtain event logging information in a 
similar way. 

20 The invention is intended to be used with e-mail communications to provide 
secure communication, status checking and non-repudiation. By routing the 
message through the TTP. time stamping of delivery of the message package is 
also possible as referred to above. Routing the cipher text directly to the 
intended recipient creates a request for a key from the recipient which can be 

25 time-stamped by the TTP as confirmation of receipt whether or not the TTP was 
a party to the transmission of the message from the sender to the recipient. 
Thereafter, the request to the TTP from the recipient for decryption to reveal K R 
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is further logged and reported to the sender as an attempt to open the encrypted 
data. Routing the cipher text directly also avoids the need for cipher text 
handling by the TTP at all. 

5 Both embodiments provide three primary functions, namely message 
postmarking, key release and enquiry processing using the logging facility in 
the data processor 16. 

In order to provide strong audit capability, each entry in the audit log of the data 
10 processor is protected by a media access control (MAC) routine internal to the 
TTP to detect tampering with the audit log. including the addition, modification 
and deletion of entries. There is an important requirement of a TTP of 
sufficiently high security. 

15 In more detail the message processing by the data processor: accepts a PEM 
formatted message from the sender; validates the sender's signature: creates a 
database entry for the message which is updated as the message passes through 
the system: calls a billing sub-routine passing the time, date, sender's 
distinguished name, sender's e-mail address, messages identified, number of 

20 recipients and message size: returns an appropriate message to the sender if the 
response from the billing sub-routine indicates that the message should be 
refused, indicating the reason for refusal and updating the audit entry 7 : generates 
a signed message for each logged event noted in the audit log; and stores 
message header information in the TTP data processor so that one database 

25 record exists for each recipient in order to provide adequate deliver}' tracking. 
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Key release includes: accepting the connection from the sender; receiving the 
signed PEM-based message, containing the encrypted header; verifying the 
recipient by the request: calling a billing sub-routine; passing the time, date, 
sender's distinguished name, sender's e-mail address, message identifier and 
5 message size; sending an appropriate message to the sender if the billing sub- 
routine indicates that the message should be refused; updating the audit entry 
and sending a message to the recipient indicating the reason for key refusal; 
updating the database delivery status: extracting the inner header using the K P0 
private key; sending the encrypted and signed PEM-based message containing 
10 the material required by the recipient; and writing appropriate information to 
the audit log. 

Enquiry processing which permits user or administrative enquiry as to the 
delivery status of a message includes: accepting the direct real-time connection 

15 from the enquirer; receiving an encrypted and signed PEM-based enquiry; 
verifying the digital signatures from the sender and/or the recipient; retrieving 
the appropriate record from the database; comparing the enquirer's 
distinguished name to the database entry to ensure that the enquirer is the 
sender, recipient or an authorised administrator; returning an error if the 

20 enquirer is unauthorised; and returning a delivery status message if the enquirer 
is authorised. 

It will be apparent to the skilled person that the keys used can be varied 
according to security requirements and perceived risk of compromise. For 
25 example, the inner header does not have to be rigorously encrypted but in some 
way at least obscured. In the art. there are the so-called 'crippling' techniques 
that provide a lesser level of security against infiltrating a message. In the 
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alternative, hash routines can be used in place of a symmetric encryption 
together with digital signatures authenticating a message originator. The 
system of the invention is applicable to secure transmission of information 
generally although it is designed for secure transmission on e-mail. The use of 
5 a further encryption step which is controlled by the TTP means access to the 
data is controlled by the TTP until it has authenticated the recipient and the 
sender. Accordingly, the principles of the invention, which have been disclosed 
by way of the above examples, can be implemented in various ways. Those 
skilled in the art will readily recognise that these and other modifications and 
10 changes can be made to the present invention without strictly following the 
exemplary applications illustrated and described herein and without departing 
from the spirit and scope of the present invention which is set forth in the 
following claims. 
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CLAIMS: 

1. A data transfer system comprising: a sender facility (10); a receiver 
facility (12) and a key facility (14); the sender facility (10) having means for 
encrypting data for the intended recipient, means for splitting the data into 
encrypted parts such that no part is decryptable on its own, means for 
encrypting at least one of the parts for a third party to produce a further 
encrypted part, means for combining the further encrypted part and the 
remaining encrypted part to produce a data block and means for sending the 
data block, the receiver facility (12) having means for receiving the data block, 
means for requesting decryption of the further encrypted part by the key facility 
(14) which has means for decrypting the further encrypted part and means for 
sending it to the receiver facility (12) and the receiver facility (12) also having 
means for decrypting the encrypted part and the decrypted further encrypted 
part provided by the key facility (14), 

2. A system as claimed in claim 1 in which the sender facility (10) includes 
means for signing the data block. 

3. A system as claimed in claim 1 or 2 in which the means for sending at 
the sender facility (10) are arranged to send the data block to the key facility 
(14) and the key facility (14) includes means for receiving the data block and 
forwarding the said block to the receiver facility (12). 

4. A system as claimed in claim 3 in which the key facility (14) further 
includes means for logging receipt of the data block. 
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5. A system as claimed in claim 1 or 2 in which the means for sending at 
the sender facility (10) are arranged to send the data block to the receiver 
facility (12) and the receiver facility (12) includes means for receiving the data 
block. 

5 

6. A system as claimed in claim 5 in which the key facility (14) further 
includes means for logging receipt of the further encrypted part, 

7. A system as claimed in any of claims 1 to 6 in which the key facility (14) 
10 includes means for logging receipt of the request for decryption of the further 

encrypted part as proof of delivery of the block to the receiver facility (12). 

8. A system as claimed in claim 7 in which the sender facility (10) includes 
means for requesting proof of delivery information from the key facility (14). 
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1. MESSAGE SENT FROM SENDER TO RECIPIENT 

2: RECIPIENT REQUESTS THE KEY TO DECIPHER THE MESSAGE 

3: TTP LOGS THE REQUEST AND RETURNS THE KEY 

4: SENDER QUERIES THE STATUS OF THE MESSAGE 

5: TTP RETURNS RESPONSE TO THE SENDER'S QUERY 
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To the Commissioner of Patents and Trademarks: 

The undersigned is empowered to act on behalf of the assignee indicated below (the "Assignee"). The 
original assignment of the attached application for Letters Patent for the invention in A SECURE DATA 
TRANSFER SYSTEM from the inventors to the Assignee is being submitted herewith for recordation by the 
Assignment Branch, A true copy of this Assignment is attached hereto. This Assignment represents the entire chain 
of title of this invention from the Inventor(s) to the Assignee. I have reviewed this Assignment, and to the best of 
the Assignee's knowledge and belief, the Assignee is the owner of the entire right, title, and interest in the above- 
referenced application. 

I declare that all statements made herein of my own knowledge are true, and that all statements made upon 
information and belief are believed to be true, and further, that these statements were made with the knowledge that 
willful, false statements and the like so made are punishable by fine or imprisonment, or both, under 18 U.S. C. § 
1001, and that willful, false statements may jeopardize the validity of the application, or any patent issuing thereon. 

The undersigned hereby revokes any previous powers of attorney in the subject application, and hereby 
appoints the registrants of Knobbe, Martens, Olson & Bear, LLP, 620 Newport Center Drive, Sixteenth Floor, 
Newport Beach, California 92660, Telephone (949) 760-0404, Customer No. 20,995, as its attorneys with full 
power of substitution , and revocation to prosecute this application and to transact all business in the U.S. Patent and 
Trademark Office connected herewith. This appointment is to be to the exclusion of the inventor(s) and his 
attorney(s) in accordance with the provisions of 37 C.F.R. § 3.71. 

Please use Customer No. 20,995 for all communications. 
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WHEREAS, I/WE (1) Rodney Perkins, a British aitizen, residing at 11 Pennine View, Heage, Belper, 
Derbyshire DE 56 2TE, United Kingdom (hereinafter referred to as Assignor (collectively if more than one inventor 
is listed above), have invented certain new and useful improvements in A SECURE DATA TRANSFER SYSTEM, 
the specification of which: 

(a) was executed on even date herewith; 

(b) B was filed on March 21 f 2001 as 5i Application No. ( & 787,784 or □ Express 

Mail No., as Application No. not yet known and was amended on 

(if applicable); or 

(c) X was described and claimed in PCT International Application No.PCT/GB99/03 140 filed on 

September 21, 1999 and as amended under PCT Article 19 on 

(if any) and/or under PCT Article 34 on August 8, 

2000 (if any). 

AND WHEREAS, Viacode Limited, with its principal place of business at Royal Mail House, 148 Old 
Street, London EC IV 9HQ, United Kingdom, (hereinafter referred to as Assignee) desires to acquire the entire 
right, title, and interest in and to the said improvements with respect to the United States of America, its territories 
and possessions. 

NOW, THEREFORE, for good and valuable consideration, the receipt and sufficiency of which is hereby 
acknowledged, Assignor hereby acknowledges that it has sold, assigned, transferred and set over, and by these 
presents does hereby sell, assign, transfer and set over, unto Assignee, its successors, legal representatives and 
assigns, the entire right, title, and interest in the United States of America, and its territories and possessions in, to 
and under said improvements, and any Patent Applications in the United States of America and all divisions, 
renewals and continuations thereof, and all Patents of the United States of America which may be granted thereon 
and all reissues and extensions thereof, and all rights of priority under International Conventions; and Assignor 
hereby authorizes and requests the Commissioner of Patents of the United States of America to issue all Patents for 
said improvements to Assignee, its successors, legal representatives and assigns, in accordance with the terms of this 
instrument. 

AND ASSIGNOR HEREBY covenants and agrees that it will communicate to Assignee, its successors, 
legal representatives and assigns, any facts known to it respecting said improvements, and testify in any legal 
proceeding, sign all lawful papers, execute all divisional, continuing and reissue applications, make all rightful oaths 
and generally do everything possible to aid Assignee, its successors, legal representatives and assigns, to obtain and 
enforce proper patent protection for said improvements in the United States of America. 



IN lES iIMONY WHEREOF, Assignor intending to be legally bound has hereunto affixed its signature. 
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DECLARATION - USA PATENT APPLICATION 

As a below named inventor, I hereby declare that: 

My residence, post office address and citizenship are as stated below next to my name; 

I believe I am the original, first and sole inventor (if only one name is listed below) or an original, first and 
joint inventor (if plural names are listed below) of the subject matter which is claimed and for which a patent is 
sought on the invention entitled A SECURE DATA TRANSFER SYSTEM 
the specification of which: 

is attached hereto; or 

was filed on March 21, 2001 as Application No. 09/787,784; 

was described and claimed in PCT International Application No.PCT/GB99/03140 filed 
on September 21, 1999 and as amended under PCT Article 19 on 

. (if any) and/or under PCT Article 34 on August 8, 

2000 (if any). 

I hereby state that I have reviewed and understand the contents of the above identified specification, 
including the claims, as amended by any amendment referred to above; 

I acknowledge the duty to disclose information which is material to the patentability of this application in 
accordance with Title 37, Code of Federal Regulations, § 1.56; 

I hereby claim foreign priority benefits under Title 35, United States Code, § 119 of any foreign 
applications) for patent, design or inventor's certificate or any PCT international applications) listed below and 
have also identified below any foreign application(s) for patent, design or inventor's certificate or any PCT 
international applications) designating at least one country other than the United States of America filed for the 
same subject matter having a filing date before that of the application(s) of which priority is claimed: 

' PRIOR FOREIGN APPLICATTON( S) 



COUNTRY (OR 
INDICATE IF PCT) 


APPLICATION 
NUMBER 


DATE OF FILING 
(day, month, year) 


PRIORITY CLAIMED 
UNDER 35 U.S.C. § 119 


United Kingdom 


9820558.6 


21 September 1998 


XYES 


NO □ 








□ YES 


NO □ 








□ YES 


NOQ 








□ YES 


NO □ 








□ YES 


NO □ 



I hereby claim the benefit under Title 35, United States Code, § 120 of any United States application(s) 
listed below, and insofar as the subject matter of each of the claims of this application is not disclosed in the prior 
United States application in the manner provided by the first paragraph of Title 35, United States Code § 112 I 
acknowledge the duty to disclose material information as defined in Title 37, Code of Federal Regulations § 1 56(a) 
which occurred between the filing date of the prior application and the national or PCT international filing date of 
this application: 
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Prior U.S. A. Application(s) 



Application No.: 



Filing Date: 



Status: 



I hereby declare that all statements made herein of my own knowledge are true and that all statements 
made on information and belief are believed to be true; and further that these statements were made with the 
knowledge that willful false statements and the like so made are punishable by fine or imprisonment, or both, under 
Section 1001 of Title 18 of the United States Code and that such willful, false statements may jeopardize the validity 
of the application or any patent issued thereon. 



Full name of sole or first inventory Rodney Perkins 



Residence (city and country): 1 1 Pennine View, Heage, Belper, Derbyshire, DE56 2TE, United Kingdom C-7 lJy}C 
Citizenship: United Kingdom 
Post Office Address: same as above 
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Customer No. 20,995 

H:\DOCS\MOH\MOH-4966.DOC :ad 
031401 



Inventor's signature- 




/ Month * Year * < 



